The rapid development in the past decade of computer technologies, including cloud technologies, and also the widespread use of diverse computing devices (personal computers, notebooks, tablets, smartphones, etc.), has served as a powerful stimulus for the use of these devices in every possible sphere of human activity and for a tremendous number of tasks (from Internet surfing and communication via Internet to bank transfers and electronic document traffic). In parallel with the growth in numbers of computing devices, the volumes of software running on these devices have also grown at a rapid pace, including malicious software.
At present, a huge number of malicious program varieties exist. Some of them may steal personal and confidential data from the devices of users (such as logins and passwords, bank details, electronic documents). Others may form so-called botnets from the devices of users to guess passwords using the brute force method or launch attacks such as a denial of service (Distributed Denial of Service, DDOS) against other computers or computer networks. Still others may foist paid content onto users through aggressive advertising, paid subscriptions, sending of text messages to paid phone numbers, and so forth.
Antivirus programs may be used to defeat malicious programs. An effective solution may require first and foremost a timely detection of files containing the code of malicious programs, for which the antivirus programs may employ various technologies, such as signature, heuristic and proactive analysis, white and black lists, and so forth. Each of the above-mentioned technologies may have its own effectiveness in detecting malicious files, based on its potential ability to detect certain malicious files and on the requirements on the computing resources of the computer system on which the technology running.
At present, the volumes of data (including files) being processed by computer systems are so vast that their antivirus scanning by antivirus programs may take a long time and demand substantial computing resources, which is especially critical for the users of personal computers. Therefore, in order to increase the effectiveness of detection of malicious files, methods of increasing the computing resources of the computer systems on which the search for malicious files takes place may be used. For example, distributed systems may be used to search for malicious files. Such systems may comprise several servers, and on each server only a portion of the files needing to be scanned is scanned.
The known operating methods may be ineffective when there is a heavy workload on the computer systems performing the antivirus scanning of files, or when some of the computer systems taking part in the antivirus scanning of files are malfunctioning.